git-commit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The skill uses the Bash tool to execute standard Git commands (status, diff, add, commit, push). These operations are necessary for the skill's primary function and are not used maliciously.- [Indirect Prompt Injection] (SAFE): 1. Ingestion points: Reads untrusted data via git diff HEAD and git status. 2. Boundary markers: Absent. 3. Capability inventory: Can perform git add (file write) and git push (network). 4. Sanitization: Instructions explicitly forbid staging .env files, credentials, and secrets, mitigating data exposure risks.- [Data Exposure & Exfiltration] (SAFE): Network communication is limited to git push, which transmits data to the user's configured remote repository. The skill proactively prevents the exposure of secrets.
Audit Metadata